Aruba Instant & Cloud Wi-Fi

Reply
Occasional Contributor I
Posts: 6
Registered: ‎03-01-2012

SSH to Aruba Instant?

Hello all,

 

I had my first interaction with Aruba Instant (IAP-105) yesterday and I realised that the browser is the only secure option to remotely configure Instant. My understanding is that SSH is disabled by default and the only other cli protocol is telnet, port 23 which is not secure.

 

I guess my question is if there is a trick or something that could possibly enable ssh because http is not my preferred way of configuring aruba. By the way, the version is 6.1.3.1-3.0.0.1_33617

 

Many Thanks,

Dimitris

Aruba
Posts: 1,279
Registered: ‎08-29-2007

Re: SSH to Aruba Instant?

Hi,

 

At the moment configuration by CLI is not supported on the instants.

 

There are various show and troubleshooting commands available, but as far as I know, you can only connect with telnet and not ssh.  This has certainly raised eyebrows with some customers I have deployed Instants for, so hopefully ssh will be supported in a future release.

 

:smileyhappy:


If my post is helpful please give kudos, or mark as solved if it answers your post.

ACCP, ACMP, ACMX #294
mclarke@arubanetworks.com
Moderator
Posts: 681
Registered: ‎04-16-2009

Re: SSH to Aruba Instant?

SSH should be available in the 3.2 release which is targeted for release before the end of December.

 

As Michael mentioned, however, the CLI is not supported for configuration.

Occasional Contributor I
Posts: 7
Registered: ‎02-07-2013

Re: SSH to Aruba Instant?

How do I enable telnet(or SSH if possible) on AP-105 Instant so I can do packet capture?

I am running 6.2.0.0.3.2.0.3

 

 

MVP
Posts: 702
Registered: ‎12-01-2010

Re: SSH to Aruba Instant?

On the Settings -> General (Advanced) panel, you'll see 'terminal access' is disabled.

Enable it and you should be able to connect.

--Matthew

if I've helped, please give kudos
if I've provided a solution, please mark the solution so others can find it
Occasional Contributor I
Posts: 7
Registered: ‎02-07-2013

Re: SSH to Aruba Instant?

Thanks! That was right on!!

I noticed that SSH is now default for terminal access!!!  Way to go Aruba!!

 

New Contributor
Posts: 2
Registered: ‎12-09-2012

Re: SSH to Aruba Instant?

Yes, but it is readonly :-(.

But at least, there is ssh.

Occasional Contributor I
Posts: 7
Registered: ‎02-07-2013

Re: SSH to Aruba Instant?

I was able to ssh to a particular AP-105 and use the pcap start .... commands to do remote network packet capture from the AP's WLAN interface ---  That is cool!!

 

New Contributor
Posts: 2
Registered: ‎12-09-2012

Re: SSH to Aruba Instant?

Is there a monitor mode for the interfaces too?

That would be very helpful.

Occasional Contributor I
Posts: 7
Registered: ‎02-07-2013

Re: SSH to Aruba Instant?

I am not sure what you are asking...

These are instructions I followed for WLAN packet capture

 

Aruba Instant version 6.1.2.3-2.0.0.3 and above have the pcap command to do the wireless packet capture on the IAP. This command is not exposed on the Web UI and has to run from the CLI.

 

1. Enable Telnet option to the IAP. By default Telnet or terminal access is disabled.

2. Use "show ap monitor status" to identify the base BSSID.

WLAN Interface
---------------
bssid              scan    monitor  probe-type  phy-type        task   channel  pkts
-----              ----    -------  ----------  --------        ----   -------  ----
'''00:24:6c:ae:81:68'''  enable  enable   m-portal    80211a-HT-40    tuned  149+     360116135
'''00:24:6c:ae:81:60'''  enable  enable   sap         80211b/g-HT-20  tuned  11       172543704
 

In the example above, the base bssid for 80211a is "00:24:6c:ae:81:68" and "00:24:6c:ae:81:60"


3. Use "pcap start <base bssid> <ip address of PC with Aruba version of Wireshark installed> <port> 0 1518"

Example:
pcap start 00:24:6c:ae:81:68 10.163.148.35 5555 0 1518 

4. Use "show pcap" to check the active pcap session

Packet Capture Sessions
-----------------------
pcap-id  filter  type  intf               channel  max-pkts  max-pkt-size  num-pkts  status       url  target
-------  ------  ----  ----               -------  --------  ------------  --------  ------       ---  ------
1                raw   00:24:6c:ae:81:68  149                                        in-progress       10.163.148.35/5555

5. Use "pcap stop <base bssid> <pcap-id> to stop the capture

Example:
pcap stop 00:24:6c:ae:81:68 1

6. Run the Aruba version of Wireshark on the PC, on the capture interface, select ARUBA udp-port=5555

Search Airheads
Showing results for 
Search instead for 
Did you mean: